Your All-in-One AI-Powered Toolkit for Academic Success.

+13062052269

info@desklib.com

Available 24*7 on WhatsApp / Email

Company

Tools

Support

Computer Security: Importance of VMware Virtual Machine for Testing and Security Evaluation

Verified

Added on 2023/06/08

AI Summary

This report discusses the importance of VMware virtual machine for testing and security evaluation. It includes investigation of security of the system, run level command, SQL injection, one port testing, proposal for securing system, and more.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: COMPUTER SECURITY
COMPUTER SECURITY
Name of the Student
Name of the University
Author Note:

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

1COMPUTER SECURITY
Table of Contents
Introduction..........................................................................................................................2
Discussion............................................................................................................................3
Investigation of security of the system............................................................................3
Run Level Command.......................................................................................................4
SQL injection...................................................................................................................6
One port testing................................................................................................................7
Proposal for securing system...........................................................................................7
Conclusion.........................................................................................................................10
References..........................................................................................................................12

2COMPUTER SECURITY
Introduction
WidgetsInc has made a deal with Benny Vandergast Incorporation to easily develop new
web-based store. Benny Vandergast has come up with a VMware machine which can be used for
easily testing. VMware is known to be an industry leading software firm. It takes into
consideration customer safety and security in much serious (Wei et al. 2017). VMware come up
with certain programs and practices which helps in identification of various security issues in
their products. It also focuses on mitigating various kinds of software security risk to customers.
The programs are changing on regular basis depending on own experience and learning from
various industry collaboration and observation. The virtual machine is a well-known software or
OS (operating system) which does not only come up with the ability to perform a task on running
machine and separate systems (Davie et al. 2017). With the passage of time, the virtual machine
is becoming more common due to growth in virtualization technology. The virtual machine is
generally created to perform a large number of a task other than which are performed in the host
environment. Virtual machines are mainly implemented by different methods of simulation and
hardware virtualization techniques. The virtual machine is mainly differentiated into two
categories that are system virtual machines and process virtual machine.
In the coming pages of the report, an idea has been provided the importance of VMware
virtual machine for testing. After that security evaluation of the security of the system has been
discussed in details. A manual security of the website on the virtual portal has been provided.
The total evaluation of the website is done without any kind of password or username. A proper
description has been provided regarding the various tools and techniques for evaluation of the
system.

3COMPUTER SECURITY
Discussion
Investigation of security of the system
Virtual machines are considered to be well-known technology in the industry of
information technology. They are used in the domain of cloud computing for its benefits like
effective, scalability (Apecechea et al. 2014). They are largely used in security for detection of
any kind of malware like honeypots. With the growth of the mobile device market, VM is being
widely used as an emulator for detection of malware in a mobile device. The mobile device can
easily perform a similar function to a computer system. Mobile device comes up with the same
kind of vulnerabilities and issues which are encountered by a computer system. Smartphones are
limited by resources like a battery, lack of storage and processing. The integration of mobile
devices and cloud computing have resulted in lack of resources which are available to various
mobile devices and cloud technology (Hogan and Epping, 2016). A large number of resources
should be there for looking into the security mobile which is required for detection of malware
and monitoring of security. A malware detection security system making use of VM is of critical
vulnerability. In the beginning, malware will try to analyze the environment in which it will run.
By the help of VM detectors, malware creators can easily write programs which will help in
detection a VM environment. It would a serious consequence on the use of various mobile
devices used for any kind of application which helps in the detection of malware (Solaimani et
al. 2014). With the development of malware detection like VM environment can easily reduce
the value of risk of the behavior of harmful operation like botnet attacks which helps in detection
of VM environment. It can have serious consequence on the various application on VM which

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

4COMPUTER SECURITY
can gain trust and value. A large number of methods or ways are available for analyzing
existence VM. A single process can be used only once to gain the trust of various users.
VMware can easily help in running the Ubuntu and this can be dealt by data
management. It helps in performing certain number of tools which will help in performance of
Operating System of Ubuntu. VMware needs to be develop for proper processing of security
check. VMware software needs to be installation for getting an access to the portal. After the
installation of the given VMware which comes up with certain number of question of the given
project which requires id for login and password. Both the things are mandatory for the initiation
of the given project. After the installation of both username and password, the major which is
encountered is the selection of Ubuntu and recovery mode of Ubuntu. After logging into the
processing model of recovery of Ubuntu, root option comes into action. Proper dropping of root
is done by the help of shell prompt in this section.
The code “whoami” is taken into account in the given root widget. The proper ending of
task may result in generation of second kind of available code that is “cd/home” is used. After
the use of both code ‘ls’ applied to given section. This has ultimately lead to that user name of
the given system which needs to be displayed.
At the last stage there are certain command of line of code, after which the username will
be displayed.
The code looked in the processing of this project are:
Run Level Command
 Shutdown: init 0. Shutdown –h now.-a: Use file
 /etc/shutdown.allow. –c: Cancel scheduled

5COMPUTER SECURITY
 shutdown. Halt –p. –p. Turn power off after
 shutdown. poweroff.
 Reboot: init 6. shutdown –r now. Reboot
 Renter single user mode: init 1.
 Check current runlevel: runlevel
There should be proper password which must be set by the help of command lines
‘mount –n –o remount, rw /’. This particular command is needed for entering in the given UNIX
command along with alteration of given command. It ultimately leads to the fact that User can
have server and server as a platform which is needed for having an access to the given platform
and password for reset. After providing the password which is given in the text pops which helps
in understanding the requirements of passwords.
With the completing of the given project, the given user can easily login into the server is
provided in the display of the screen in the given project.
The IP address can be looked for project in the data management which is inclusive of
different data processing with regards to IP address feature at the given portal. ‘ifconfig’ is a
well command which is needed for analyzing the different credentials of the project management
with proper collaboration with proper IP address. It is not used for understanding the given
collaboration of the given server by the help of IP address. Along with it will ensure details of
Internet protocol can be a processed terminology of the project that is UNIX system.
In the given virtual machine, the data needs to be provided which will be helpful for data
management system with respect to connectivity of the given server.

6COMPUTER SECURITY
PING command helps in assuring the fact that the method of connectivity of the server is
provided. With respect to the given server no kind of connectivity is given with respect to the
server. It will ultimately lead to the fact that all the given data needs to check the security of
project failure. Different packages are there in server which provides proper information which
started by the method connectivity, ensuring the fact that the data is processed in much efficient
way.
By making use of nmap the complete details of packaging can be done which helps in
gaining an idea regarding the availability of ports. All the provided information is collected in
the given UNIX server. Installation of nmap can be done by the help of ‘sudo apt-get install
nmap’ code.
After the installation of the given Nmap, the IP address is given. It has led to both data
processing and analysis of data management. After the proper manual processing of given data,
the IP needs to be successfully updated.
SQL injection
Injection of SQL is all about proper processing of data management which will ensure the
fact that it is restored in the method of data processing. It will ultimately lead to data
management of define security alerts with respect to SQL. It has ultimately led to input box
which will provide an idea regarding different kinds of available technology.
Testing of widgets is done with the help of two stages. The first stage will be totally
based on Ubuntu terminal testing. It is the major kind of test which needs to be done for proper
processing data. Both the username and password has bene provided for getting access to UNIX

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

7COMPUTER SECURITY
server which is needed for this organization. By making of RDBMS the security of the given
data is provided in the given information with high value.
As soon as competition of SQL takes place the major process which is taken into account
is management of data by the help of mkdir command which is needed for processing in the
given command which is needed for security of the given data system. The command mkdir is
needed for creation of new kind of directory which helps in allocating more space.
GiT repository is used in processing of different project. It is due to the given fact that
installation of data management can be done by the help of installation of different packages
which helps in establishing connection with the given command in the git.
One port testing
Port 22 comes up with major impact which is needed for SSH log in the given system.
Port number 80 helps in analyzing the benefits with respect to system usage which is needed for
testing of the nmap system. Nmap and WebDAV are considered to be two major kind of
advantages which is needed for competition of testing procedure.
Proper installation of nmap can be done in the completing in the given system which is
there is the given project.
nmap –T4 –p80 –script=http-iis-webdav-vuln 192.168.34.130’ code is used for proper
processing and testing of the given system for this particular project. Vulnerability of p80 is
donewith respect to WebDAV. Port 22 needs to commanded with the help of command that is
‘nmap –T4 –p22 –script=http-iis-webdav-vuln 192.168.34.130’. Port 22 comes up with
vulnerability which is high and robust platform. WebDAV comes up with vulnerability for
vulnerability for the given ports which is low.

8COMPUTER SECURITY
Proposal for securing system
All the security issues in the VMware atmosphere can be improved by taking the
following steps like:
VMware Data Recovery: VDR is a well-known agentless backup solution which comes
up with employment of snapshot and deduplication of data. While running a virtual machine like
a Linux appliance, VDR can easily make a backup of important data. The backup and data
recovery in VDR is launched with the help of VMware center. VDR makes use of API of
Vstorage which is used for data protection (Roy et al., 2015). A VM-level back up is required for
possible faster recovery and any kind of backup. By making use of block-level data one can
easily keep the disk space to be a minimum level. VDR is inclusive of three parameters like
Enterprise plus, advanced and essential plus.
Change block tracking: Earlier, back up of VMDK is all about moving large files
around the LAN and SAN. It ultimately results in increasing the traffic of network and time
involved in back of the whole process. VMware makes use of CBT which is present in vSphere 4
which is used for improving the performance of the whole system (Shaikh, F., Ji and Fan, 2017).
CBT mainly allows VMkernel to track down any changes in virtual machine block. Backup of
given application can be used by storage API which is used for identifying various blocks.
Thin provisioning: VMware makes use of some kind of improvement which is used for
overcommitting the given space (Deane et al. 2015). Whenever a VM is created a proper storage
is allocated to it. Virtual machines do not come up storage space assigned. So, in the end, it is
seen that the VMDK file will be a larger file to check in. Backup of application is considered as a

9COMPUTER SECURITY
recognizable thing which is used for providing to them. But one thing should be taken into
consideration is it process or method to take up valuable time.
Data deduplication: It is not a new kind of feature which makes use of VDR backup. So,
it is important to have a look into the backup application which provides this particular feature.
Making use of other features like CBT, storage for API for protection of data (Pandiarajan and
Babulal, 2016). It mainly requires a certain number of procedure which will be helpful in the
backup of data. Duplicate data is a well-known method which eliminates duplicates in the proxy
server. It will ultimately reduce the amount of data which is transferred and stored for improving
the performance.
vCentre Server plug-ins: Proper management and monitoring of services help in proper
integration of server (Mao and Iravani, 2014). Backup vendors generally provide a certain
number of service on virtual machine portal which is inclusive of both success and failure.
Granular Recovery: Recovery at file level has now become possible without the need of
any two-step process. It mainly allows the various organization to easily perform a proper image
backup which does not have any kind of impact on the host system (Tong, Yan and Yu, 2015). It
does not focus on either of bare-metal which is from the side of file recovery.
iSCSI enhancement: Organization like Benny Vandergast Inc makes use of iSCSI
initiator which is mainly used for storage in the given environment of the virtual server(Biggio et
al. 2015). Apart from this, a large number of things can be benefitted like disk I/O along with the
reduction of CPU overhead benefits of whole backup processes.
Direct backup from shared storage: Network bottlenecks and inefficiency are created
due to backup of the path(Deane et al. 2015).. A direct to the path is provided which allows back

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

10COMPUTER SECURITY
up of important data to go into the respective storage. Virtual disk data mainly run from a device
known as SAN storage.
VMware vStorage API used for data storage: VMware comes up with VMware
consolidate backup (VCB) command lines which are used for simplification of data protection. It
mainly allows a system image to easily captured without affecting the application (Roy et al.,
2015). With the help of VCB, backups are there so that there can be no amount of content to be
present in it. This particular process removes the requirement of an agent to perform virtual
machine and provides a proper kind of recovery. VMware requires two step back or any kind of
recovery which is used for providing file recovery. VMware changes the facilitation of the whole
backup process. In spite of that, it requires VCB and implementing stage without any kind of
backup application (Costan, Lebedev and Devadas, 2017). Back up data can be used to access
data on VMFS volume. This particular integration helps in having an idea regarding the
implementation in the much better way.
No, physically proxy required: A physical machine is needed for backup of the proxy
server (Shahzad, Iqbal and Bokhari, 2015). Currently, the organization is looking for a reduction
of infrastructure commitment as because the various proxy system which is mounted to LUN can
be also a virtual machine.
Conclusion
From the above discussion, it can be easily concluded that this report is all available
security tools for VMware. In this report, a case study has been provided where Widgets have
contracted Benny Vandergast to provide a VMware virtual machine which can be easily used for
testing. This particular organization has decided to give the task of evaluating the system to

11COMPUTER SECURITY
Benny Vandergast Inc. In the above pages of the report, an idea has been provided regarding
manual security evaluation of the system on the virtual system. A list of things has been provided
like IP address of the system, username, and password. All this thing need to be discovered as an
important part of an investigation for the report. In the above pages of the report three important
aspects have been taken into consideration like tools and techniques, the result obtained and
methods have been discussed which can be used for securing the system. In the above pages of
the report, two kind of hypervisor that is type 1 and type 2 has been discussed in details. An idea
has been provided regarding IP timestamp which helps in having an idea regarding VM. On
properly analyzing the various kinds of tools and methods a large number of things have taken
into consideration like VMware tools are outdated, the Virtual machine comes with limited
memory space, age and size of VM and lastly logging limitation of Virtual machine. A list of
ways has been discussed which can be used for securing the system are VMware data recovery,
change block tracking, thin provisioning, data deduplication, plug-ins, direct backup from
storage, API for storage of data and lastly no physical proxy are needed.

12COMPUTER SECURITY
References
Apecechea, G.I., Inci, M.S., Eisenbarth, T. and Sunar, B., 2014. Fine grain cross-vm attacks on
xen and vmware are possible!. IACR Cryptology ePrint Archive, 2014, p.248.
Biggio, B., Fumera, G., Russu, P., Didaci, L. and Roli, F., 2015. Adversarial biometric
recognition: A review on biometric system security from the adversarial machine-learning
perspective. IEEE Signal Processing Magazine, 32(5), pp.31-41.
Bose, R. and Sarddar, D., 2017. Developing a Secure Mode for Hybrid Distribution of University
Course Learning Materials. International Journal of Computational Intelligence Research, 13(8),
pp.2075-2093.
Costan, V., Lebedev, I. and Devadas, S., 2017. Secure processors part II: Intel SGX security
analysis and MIT sanctum architecture. Foundations and Trends® in Electronic Design
Automation, 11(3), pp.249-361.
Davie, B., Koponen, T., Pettit, J., Pfaff, B., Casado, M., Gude, N., Padmanabhan, A., Petty, T.,
Duda, K. and Chanda, A., 2017. A database approach to sdn control plane design. ACM
SIGCOMM Computer Communication Review, 47(1), pp.15-26.
Deane, J.P., Gracceva, F., Chiodi, A., Gargiulo, M. and Gallachóir, B.P., 2015. Assessing power
system security. A framework and a multi model approach. International Journal of Electrical
Power & Energy Systems, 73, pp.283-297.
Halderman, J.A. and Teague, V., 2015, September. The new south wales ivote system: Security
failures and verification flaws in a live online election. In International Conference on E-voting
and Identity (pp. 35-53). Springer, Cham.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

13COMPUTER SECURITY
Hogan, C. and Epping, D., 2016. Essential Virtual SAN (VSAN): Administrator's Guide to
VMware Virtual SAN. VMware Press.
Irazoqui, G., Inci, M.S., Eisenbarth, T. and Sunar, B., 2014, December. Fine grain cross-VM
attacks on Xen and VMware. In Big Data and Cloud Computing (BdCloud), 2014 IEEE Fourth
International Conference on (pp. 737-744). IEEE.
Kamboj, N., Saggu, S., Lamba, A. and Singh, M., 2017. A Review: Analysis and Comparison of
Different Detection Techniques of IDPS. Journal of Engineering and Applied Sciences, 12(22),
pp.5939-5943.
Kotra, J.B., Kim, S., Madduri, K. and Kandemir, M.T., 2017, October. Congestion-aware
memory management on NUMA platforms: A VMware ESXi case study. In Workload
Characterization (IISWC), 2017 IEEE International Symposium on (pp. 146-155). IEEE.
Mao, A. and Iravani, M.R., 2014. A trend-oriented power system security analysis method based
on load profile. IEEE Transactions on Power Systems, 29(3), pp.1279-1286.
Pandiarajan, K. and Babulal, C.K., 2016. Fuzzy harmony search algorithm based optimal power
flow for power system security enhancement. International Journal of Electrical Power &
Energy Systems, 78, pp.72-79.
Pathak, M., 2015. SAP Business Suite on Hitachi Unified Compute Platform for VMware
vSphere Using Hitachi Data Protection Suite.
Roy, A., Sarkar, S., Ganesan, R. and Goel, G., 2015. Secure the cloud: From the perspective of a
service-oriented organization. ACM Computing Surveys (CSUR), 47(3), p.41.

14COMPUTER SECURITY
Shahzad, F., Iqbal, W. and Bokhari, F.S., 2015, October. On the use of CryptDB for securing
Electronic Health data in the cloud: A performance study. In E-health Networking, Application
& Services (HealthCom), 2015 17th International Conference on (pp. 120-125). IEEE.
Shaikh, F., Ji, Q. and Fan, Y., 2017. An ecological network analysis of the structure,
development and sustainability of China’s natural gas supply system security. Ecological
indicators, 73, pp.235-246.
Shirinbab, S., Lundberg, L. and Ilie, D., 2014. Performance comparison of kvm, vmware and
xenserver using a large telecommunication application. In Cloud Computing. IARIA XPS Press.
Solaimani, M., Iftekhar, M., Khan, L. and Thuraisingham, B., 2014, October. Statistical
technique for online anomaly detection using spark over heterogeneous data from multi-source
vmware performance data. In Big Data (Big Data), 2014 IEEE International Conference on (pp.
1086-1094). IEEE.
Solaimani, M., Iftekhar, M., Khan, L., Thuraisingham, B. and Ingram, J.B., 2014, December.
Spark-based anomaly detection over multi-source VMware performance data in real-time.
In Computational Intelligence in Cyber Security (CICS), 2014 IEEE Symposium on (pp. 1-8).
IEEE.
Solaimani, M., Khan, L. and Thuraisingham, B., 2014, August. Real-time anomaly detection
over VMware performance data using storm. In 2014 IEEE International Conference on
Information Reuse and Integration (IRI) (pp. 458-465). IEEE.
Tong, Y.J., Yan, W.Q. and Yu, J., 2015. Analysis of a secure virtual desktop infrastructure
system. International Journal of Digital Crime and Forensics (IJDCF), 7(1), pp.69-84.

15COMPUTER SECURITY
Wei, M., Tai, A., Rossbach, C.J., Abraham, I., Munshed, M., Dhawan, M., Stabile, J., Wieder,
U., Fritchie, S., Swanson, S. and Freedman, M.J., 2017, March. vCorfu: A Cloud-Scale Object
Store on a Shared Log. In NSDI (pp. 35-49).
Weitzman, L., Lewis-Bowen, A., Chung, C., Mostafavi, R. and Jin, Y., 2015. A Strategy for
Mobile App Development at VMware.

1 out of 16

+13062052269

info@desklib.com

Computer Security: Importance of VMware Virtual Machine for Testing and Security Evaluation

Contribute Materials

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Related Documents

Security Evaluation of the VMware Virtual Machine

Computer Security System Investigation

System Security Investigation for Virtual Machine Image File

virtual machine Security Assignment PDF

Computer Security System Investigation

Computer Security Project